On Tue, Dec 17, 2024 at 11:54:49AM +0530, Harshit Mogalapalli wrote:
Hi Sasha,
On 28/07/24 21:38, Sasha Levin wrote:
From: Takashi Iwai <tiwai@xxxxxxx>
[ Upstream commit 2f38cf730caedaeacdefb7ff35b0a3c1168117f9 ]
A malformed USB descriptor may pass the lengthy mixer description with
a lot of channels, and this may overflow the 32bit integer shift
size, as caught by syzbot UBSAN test. Although this won't cause any
real trouble, it's better to address.
This patch introduces a sanity check of the number of channels to bail
out the parsing when too many channels are found.
Reported-by: syzbot+78d5b129a762182225aa@xxxxxxxxxxxxxxxxxxxxxxxxx
Closes: https://lore.kernel.org/0000000000000adac5061d3c7355@xxxxxxxxxx
Link: https://patch.msgid.link/20240715123619.26612-1-tiwai@xxxxxxx
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
FYI: This 13 patch series and similar AUTOSEL sets for other stable
kernels didn't go into stable yet.
Huh, thanks for that.
I've tried to look at the history, and I'm quite confused about what's
happening. My scripts must have gone rogue at some point.
--
Thanks,
Sasha
